diff --git a/Singularity/Hands-on.md b/Singularity/Hands-on.md index 231f684c4f213ee05da7cdf755dda8daa0927cdc..c9939a0ccf68bf614d87b215e587d83094c13fd8 100644 --- a/Singularity/Hands-on.md +++ b/Singularity/Hands-on.md @@ -77,81 +77,84 @@ r30u05n797 ## Build Singularity Image from Docker Hub -* Build CentOS/8.0.1905 image from docker hub. +* Build CentOS/8.0 image from docker hub ```console -$ singularity build centos8.sif docker://centos:8.0.1905 +$ singularity build centos8.sif docker://centos:8 ``` * Try our new container ```console -$ singularity exec centos cat /etc/redhat-release +$ singularity exec centos8.sif cat /etc/redhat-release CentOS Linux release 8.0.1905 (Core) ``` +## Cloud Library + +The Cloud Library is the place to push your containers to the cloud so other users can download, verify, and use the containers. + +Sylabs also provides a Remote Builder, used to build your containers containers without root access within the cloud. + +* Create account at **https://cloud.sylabs.io** +* Generate access token **Your account** -> **Access Tokens** +* Save generated access token to **~/.singularity/sylabs-token** +* Try Remote Builder access with simple definition file + + +simple.def: +``` +Bootstrap: docker +From: busybox:latest +``` + +``` +$ singularity build --remote simple.sif simple.def +``` + ## Build own Singularity Image -* [ ] Use **Ubuntu 16.04** from **docker** repository as image base. -* [ ] Add **%help** section. -* [ ] Add information about author to the **%labels** section. -* [ ] Add **%setup** section and create two files. One inside and one outside of the container. -* [ ] In **%files** section copy file we created outside of the container to the inside of it. -* [ ] Add **%environment** section and set some varables. -* [ ] Update the package lists and install **fortune** applications in **%post** section. -* [ ] Make **/srv** writable for all users. -* [ ] Write **%runscript** that use previously installed application. -* [ ] Make **%test** script and ensure that applications are installed correctly. +* [ ] Use **Ubuntu 16.04** from **docker** repository as image base +* [ ] Add **%help** section +* [ ] Add information about author to the **%labels** section +* [ ] Add **%setup** section and create a random file +* [ ] In **%files** section copy file we created outside of the container to the inside of it +* [ ] Add **%environment** section and set some varables +* [ ] Update the package lists and install **fortune** applications in **%post** section +* [ ] Make **/srv** writable for all users +* [ ] Write **%runscript** that use previously installed application (use full paths) +* [ ] Make **%test** script and ensure that applications are installed correctly You can build your image by **sudo singularity build myimage.sif ubuntu.def** or **singularity build --remote myimage.sif ubuntu.def**. +Template: ``` Bootstrap: docker -From: Ubuntu:16.04 +From: %help - This is my first container. + <help here> %setup - touch ${SINGULARITY_ROOTFS}/salomon.txt - touch anselm.txt + <setup here> %post - apt-get -y update - apt-get -y install fortune cowsay + <post here> %files - anselm.txt + <files here> %labels - Maintainer hra0031 - Version v1.0 + <labels here> %environment - COURSE="Productivity tools for High Performance Computing" - VENUE="VSB - Technical University Ostrava, IT4Innovations building, room 207" - export COURSE VENUE + <environment variables here> %runscript - fortune | cowsay + <runscript here> %test - /usr/games/cowsay "Hello" - /usr/games/fortune -``` - -## Apps in Singularity Image - -* [ ] Add to existing bootstrap file 2 SCI-F apps. One for **fortune** app and one for **cowsay** app. -* [ ] Rebuild your image and test SCI-F apps by **singularity run --app _appname_ myimage.img**. -* [ ] Try stdin and stdout to SCI-F apps by **singularity run --app fortune myimage.img | singularity run --app cowsay myimage.img**. - -``` -%apprun fortune - fortune - -%apprun cowsay - cowsay -f gnu + <tests here> ``` ## Persistent Overlays @@ -169,3 +172,58 @@ mkfs.ext3 myoverlay.ext3 singularity shell --overlay myoverlay.ext3 myimage.sif ``` +## Apps in Singularity Image + +Add to existing definition file 2 SCI-F apps: **toilet** and **cowsay** + +* [ ] In **%appinstall** section install app +* [ ] Create runscripts for both apps in **%apprun** section +* [ ] Use **-f gnu** parameters for *cowsay* +* [ ] Use **-f mono12 -F metal** parameters for *toilet* +* [ ] Rebuild your image +* [ ] Try both apps +* [ ] Try stdin and stdout to the apps + +Template: +``` +%appinstall <name> + <install script here> + +%apprun <name> + <run script here> +``` + +``` +singularity run myimage.sif | singularity run --app <appname> myimage.sif +``` + +## Signing and Verifying Containers + +Singularity 3.0 introduces the abilities to create and manage PGP keys and use them to sign and verify containers. This provides a trusted method for Singularity users to share containers. It ensures a bit-for-bit reproduction of the original container as the author intended it. + +* Pull image from library and ensure they are bit-for-bit reproductions of the original image + +``` +$ singularity pull library://busybox:latest +$ singularity verify busybox_latest.sif +``` + +* [ ] Generate own PGP key +* [ ] List keys and copy **fingerprint** of your key +* [ ] Push your key to Cloud Library (email address must match) +* [ ] Search your key in Cloud Library +* [ ] Sign your image with your key +* [ ] Verify your image +* [ ] Create new project in Cloud Library: **Singularity Library** -> **Create a new Project** +* [ ] Push your image to your new project + +``` +$ singularity key newpair +$ singularity key list +$ singularity key push 135E426D67D8416DE1D6AC7FFED5BBA38EE0DC4A +$ singularity key search <name> + +$ singularity sign myimage.sif +$ singularity verify myimage.sif +$ singularity push myimage.sif library://your-name/project-dir/my-container:latest +```